Class: Google::Cloud::SecurityCenter::V2::GroupFindingsRequest

Inherits:

Object

Object
Google::Cloud::SecurityCenter::V2::GroupFindingsRequest

show all

Extended by:: Protobuf::MessageExts::ClassMethods

Includes:: Protobuf::MessageExts

Defined in:: proto_docs/google/cloud/securitycenter/v2/securitycenter_service.rb

Overview

Request message for grouping by findings.

Instance Attribute Summary collapse

#filter ⇒ ::String
Expression that defines the filter to apply across findings.
#group_by ⇒ ::String
Required.
#page_size ⇒ ::Integer
The maximum number of results to return in a single response.
#page_token ⇒ ::String
The value returned by the last GroupFindingsResponse; indicates that this is a continuation of a prior GroupFindings call, and that the system should return the next page of data.
#parent ⇒ ::String
Required.

Instance Attribute Details

#filter ⇒ `::String`

Returns Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

name
security_marks.marks.marka

The supported operators are:

= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.

The supported value types are:

string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.

The following field and operator combinations are supported:

name: =
parent: =, :
resource_name: =, :
state: =, :
category: =, :
external_uri: =, :
event_time: =, >, <, >=, <=

Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: event_time = "2019-06-10T16:07:18-07:00" event_time = 1560208038000

severity: =, :
security_marks.marks: =, :
resource:
- resource.name: =, :
- resource.parent_name: =, :
- resource.parent_display_name: =, :
- resource.project_name: =, :
- resource.project_display_name: =, :
- resource.type: =, :.

Returns:

(::String) —
Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:
- name
- security_marks.marks.marka
The supported operators are:
- = for all value types.
- >, <, >=, <= for integer values.
- :, meaning substring matching, for strings.
The supported value types are:
- string literals in quotes.
- integer literals without quotes.
- boolean literals true and false without quotes.
The following field and operator combinations are supported:
- name: =
- parent: =, :
- resource_name: =, :
- state: =, :
- category: =, :
- external_uri: =, :
- event_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: event_time = "2019-06-10T16:07:18-07:00" event_time = 1560208038000
- severity: =, :
- security_marks.marks: =, :
- resource:
  - resource.name: =, :
  - resource.parent_name: =, :
  - resource.parent_display_name: =, :
  - resource.project_name: =, :
  - resource.project_display_name: =, :
  - resource.type: =, :

# File 'proto_docs/google/cloud/securitycenter/v2/securitycenter_service.rb', line 447

class GroupFindingsRequest
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#group_by ⇒ `::String`

Returns Required. Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name".

Returns:

(::String) —
Required. Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name".

# File 'proto_docs/google/cloud/securitycenter/v2/securitycenter_service.rb', line 447

class GroupFindingsRequest
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#page_size ⇒ `::Integer`

Returns The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

Returns:

(::Integer) —
The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

# File 'proto_docs/google/cloud/securitycenter/v2/securitycenter_service.rb', line 447

class GroupFindingsRequest
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#page_token ⇒ `::String`

Returns The value returned by the last GroupFindingsResponse; indicates that this is a continuation of a prior GroupFindings call, and that the system should return the next page of data.

Returns:

(::String) —
The value returned by the last GroupFindingsResponse; indicates that this is a continuation of a prior GroupFindings call, and that the system should return the next page of data.

# File 'proto_docs/google/cloud/securitycenter/v2/securitycenter_service.rb', line 447

class GroupFindingsRequest
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#parent ⇒ `::String`

Returns Required. Name of the source to groupBy. If no location is specified, finding is assumed to be in global. The following list shows some examples:

organizations/[organization_id]/sources/[source_id] + organizations/[organization_id]/sources/[source_id]/locations/[location_id]
folders/[folder_id]/sources/[source_id]
folders/[folder_id]/sources/[source_id]/locations/[location_id]
projects/[project_id]/sources/[source_id]
projects/[project_id]/sources/[source_id]/locations/[location_id]

To groupBy across all sources provide a source_id of -. The following list shows some examples:

organizations/{organization_id}/sources/-
organizations/{organization_id}/sources/-/locations/[location_id]
folders/{folder_id}/sources/-
folders/{folder_id}/sources/-/locations/[location_id]
projects/{project_id}/sources/-
projects/{project_id}/sources/-/locations/[location_id].

Returns:

(::String) —
Required. Name of the source to groupBy. If no location is specified, finding is assumed to be in global. The following list shows some examples:
- organizations/[organization_id]/sources/[source_id] + organizations/[organization_id]/sources/[source_id]/locations/[location_id]
- folders/[folder_id]/sources/[source_id]
- folders/[folder_id]/sources/[source_id]/locations/[location_id]
- projects/[project_id]/sources/[source_id]
- projects/[project_id]/sources/[source_id]/locations/[location_id]
To groupBy across all sources provide a source_id of -. The following list shows some examples:
- organizations/{organization_id}/sources/-
- organizations/{organization_id}/sources/-/locations/[location_id]
- folders/{folder_id}/sources/-
- folders/{folder_id}/sources/-/locations/[location_id]
- projects/{project_id}/sources/-
- projects/{project_id}/sources/-/locations/[location_id]

# File 'proto_docs/google/cloud/securitycenter/v2/securitycenter_service.rb', line 447

class GroupFindingsRequest
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

Class: Google::Cloud::SecurityCenter::V2::GroupFindingsRequest

Overview

Instance Attribute Summary collapse

Instance Attribute Details

#filter ⇒ ::String

#group_by ⇒ ::String

#page_size ⇒ ::Integer

#page_token ⇒ ::String

#parent ⇒ ::String

#filter ⇒ `::String`

#group_by ⇒ `::String`

#page_size ⇒ `::Integer`

#page_token ⇒ `::String`

#parent ⇒ `::String`